Apotekaren writes “The Finnish Ministry of Justice has started preparing changes to a current law that criminalizes using unsecured wireless hot spots (Google translation; Finnish original). The reasoning includes the impossibility of tracking unlawful use, the ease of securing networks, and the lack of real damage done by this activity. It is also hard for a user to know if an unsecured network is intended for public use or not. The increased ubiquity of legal, open networks in parks, airports, and other public places has also influenced this move by the Ministry of Justice.”
Read more of this story at Slashdot.
Link to the original site
And the MorphOS team continues to expand their hardware support. They released MorphOS version 2.5 today, which adds support for Apple’s eMac computers (the 1.25Ghz models, the 1.42 models have not yet been tested). Of course, there’s also a whole load of fixes and improvements, too.
Link to the original site
Employees of Lawrence Livermore National Laboratory have ported Sun’s/Oracle’s ZFS natively to Linux. Linux already had a ZFS port in userspace via FUSE, since license incompatibilities between the CDDL and GPL prevent ZFS from becoming part of the Linux kernel. This project solves the licensing issue by distributing ZFS as a separate kernel module users will have to download and build for themselves.
Link to the original site
Recently, the Linux version of UnrealIRCd was discovered to have had a Trojan worm its way into the source code. Even more embarrassing for the developers of Unreal is that the Trojan’s been holding open the backdoor in the source code since November of 2009– not very recently. And, of course, bloggers and press in general are taking the opportunity of another breach in Linux security to point out doomsday devices that don’t really exist.
Link to the original site
Encontrei uma solução interessante, da VASCO, que permite usar as One-Time Passwords geradas nos seus hardware tokens para autenticar contas num Domínio. Num Domínio Microsoft, bem entendido.
Chamam-lhe DIGIPASS Authentication for Windows Logon, e suporta o logon nas estações de trabalho com a colecção de gadgets da VASCO, incluindo aqueles que trabalham no modo EMV-CAP da VISA e Mastercard.
As características funcionais podem ser lidas no leaflet da solução, e no datasheet da plataforma IDENTIKEY, ambos disponíveis em formato PDF, online no site da VASCO.
(Nota: Não tenho acções da empresa nem ganho nada pela publicidade ao produto. Genericamente, gosto da solução — só isso. E vou ficar muito satisfeito se algum de vocês me mandar um email com mais uma(s) solução(ões) equivalentes de outros fabricantes)
Link to the original site
NetBSD 5.1 RC2 has been announced. A complete list of changes between 5.0 and 5.1 is available in diff format here for the more technical individuals. Fire up those VMs and give it a test run.
Link to the original site
theodp writes “A Google engineer Thursday published attack code that exploits a zero-day vulnerability in Windows XP, giving hackers a new way to hijack and infect systems with malware. But other security experts objected to the way the Google engineer disclosed the bug — just five days after it was reported to Microsoft — and said the move is more evidence of the ongoing, and increasingly public, war between the two giants.”
Read more of this story at Slashdot.
Link to the original site
Trailrunner7 writes “There’s a large-scale attack underway that is targeting Web servers running Microsoft’s IIS software, injecting the sites with a specific malicious script. The attack has compromised tens of thousands of sites already, experts say, and there’s no clear indication of who’s behind the campaign right now. The attack, which researchers first noticed earlier this week, already has affected a few high-profile sites, including those belonging to The Wall Street Journal and The Jerusalem Post. Some analyses of the IIS attack suggest that it is directed at a third-party ad management script found on these sites.”
Read more of this story at Slashdot.
Link to the original site
l_bratch writes “A malicious backdoor was added to the UnrealIRCd source archive some time around November 2009. It was not noticed for several months, so many IRC servers are likely to be compromised. A Metasploit exploit already exists.”
Read more of this story at Slashdot.
Link to the original site
